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- The MAILING DATE of this communication appears on the cover sheet with the correspondence address - 
Period for Reply 

A SHORTENED STATUTORY PERIOD FOR REPLY IS SET TO EXPIRE 3 MONTH(S) FROM 
THE MAILING DATE OF THIS COMMUNICATION. 

- Extensions of time may be available under the provisions of 37 CFR 1 . 1 36(a). In no event, however, may a reply be timely filed 
after SIX (6) MONTHS from the mailing date of this communication. 

- If the period for reply specified above is less than thirty (30) days, a reply within the statutory minimum of thirty (30) days will be considered timely. 

- If NO period for reply is specified above, the maximum statutory period will apply and will expire SIX (6) MONTHS from the mailing date of this communication. 

- Failure to reply within the set or extended period for reply will, by statute, cause the application to become ABANDONED (35 U.S.C. § 133). 

- Any reply received by the Office later than three months after the mailing date of this communication, even if timely filed, may reduce any 
eamed patent term adjustment. See 37 CFR 1.704(b). 

Status 

1 )K Responsive to communication(s) filed on 31 May 2001 . 
2a)n This action is FINAL. 2b)S This action is non-final. 

3) 0 Since this application is in condition for allowance except for formal matters, prosecution as to the merits is 

closed in accordance with the practice under Ex parte Quayle, 1935 CD. 11, 453 O.G. 213. 
Disposition of Claims 

4) ^ Claim(s) 7-29 is/are pending In the application. 

4a) Of the above claim(s) is/are withdrawn from consideration. 

5) 0 Claim(s) is/are allowed. 

6) ^ Claim(s) 1-29 is/are rejected. 
/)□ Claim(s) is/are objected to. 

8) n Claim(s) are subject to restriction and/or election requirement. 

Application Papers 

9) n The specification is objected to by the Examiner. 

10)S The drawing(s) filed on 27 August 2003 is/are: a)^ accepted or b)\3 objected to by the Examiner. 

Applicant may not request that any objection to the drawing(s) be held in abeyance. See 37 CFR 1 .85(a). 
11 )□ The proposed drawing correction filed on is: a)\Z\ approved b)\3 disapproved by the Examiner. 

If approved, corrected drawings are required in reply to this Office action. 

12) n The oath or declaration is objected to by the Examiner. 
Priority under 35 U.S.C. §§119 and 120 

13) 0 Acknowledgment is made of a claim for foreign priority under 35 U.S.C. § 119(a)-(d) or (f). 

a)nAII b)n Some*c)n None of: 

1 D Certified copies of the priority documents have been received. 

2. n Certified copies of the priority documents have been received in Application No. . 

3. n Copies of the certified copies of the priority documents have been received in this National Stage 

application from the International Bureau (PCT Rule 17.2(a)). 
* See the attached detailed Office action for a list of the certified copies not received. 

14) 0 Acknowledgment is made of a claim for domestic priority under 35 U.S.C. § 1 19(e) (to a provisional application). 

a) □ The translation of the foreign language provisional application has been received. 

15) n Acknowledgment Is made of a claim for domestic priority under 35 U.S.C. §§ 120 and/or 121. 
Attachment(5) 

1) S Notice of References Cited (PTO-892) 4) □ Interview Summary (PTO-413) Paper No(s). . 

2) □ Notice of Draftsperson's Patent Drawing Review (PTO-948) 5) □ Notice of Infonnal Patent Application (PTO-152) 

3) n Information Disclosure Statement(s) (PTO-1449) Paper No(s) . 6) □ Other: 
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DETAILED ACTION 



1 . The replacement drawings were received on August 27, 2003. These drawings 
are accepted by the Examiner. 



2. The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that 
form the basis for the rejections under this section made in this Office action: 

A person shall be entitled to a patent unless - 

(a) the invention was known or used by others in this country, or patented or described in a printed 
publication in this or a foreign country, before the invention thereof by the applicant for a patent. 

3. Claims 1-29 are rejected under 35 U.S.C. 102(a) as being anticipated by 
Wohlmacher ("Digital Certificates: a Survey of Revocation Methods"), hereinafter 
referred to as "Wohlmacher*'. 

As per claims 1,17, 29, Wohlmacher discloses a method and a computer 

readable medium for validating digital certificates, comprising: 

• "receiving an online certificate status protocol request associated with a digital 
certificate" at page 1 14, 2"^ paragraph; 

• "creating a Lightweight Directory Access Protocol database query based on the 
received request" at page 1 14, Col. 1, 2"^ and 3"^*^ paragraphs; 

• "sending the Lightweight Directory Access Protocol database query to determine 
whether the digital certificate is valid; and receiving a database query result 



Claim Rejections - 35 USC § 102 
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indicating whether the digital certificate is valid" at page 114, Col. 1 , 2"^ and 3^^ 
paragraph. 

As per claims 2, 18, Wohlmacher teaches the method and the computer 

readable medium of claims 1,17, further including "sending an indication of whether the 
digital certificate is valid based upon the received database query result" at page 114, 
Col. 1. 2""^ paragraph. 

As per claims 3, 19, Wohlmacher teaches the method and the computer 
readable medium of claims 1,17, wherein 

• "the data processing system has a certificate authority and an associated 
database" at page 111, Col. 2, 2"^ and 3'^ paragraph; 

• "and wherein the method further comprises: sending an indication of a new digital 
certificate from the certificate authority to the database upon issuance of the new 
digital certificate" at page 113, Col. 1, 2"^ paragraph; 

• "receiving, by the database, from the certificate authority, an indication of the new 
digital certificate; and storing a database record reflecting an identity of the new 
digital certificate" at page 113, Col. 1, 2"^ paragraph. 

As per claims 4, 20, Wohlmacher teaches the method and computer readable 
medium of claims 1,17, wherein: 
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• "the data processing system has a certificate authority and an associated 
database" at page 111, Col. 2. 2""* and 3'^ paragraph, 

• "and wherein the method further comprises: sending an indication of a revoked 
digital certificate from the certificate authority to the database upon revocation of 
the revoked digital certificate" page 113, Col. 1, 2"^ paragraph; 

• "receiving, by the database, from the certificate authority, the indication of 
revocation of the revoked digital certificate; and removing a database record of 
an identity of the revoked digital certificate" page 113, Col, 1, 2"^ paragraph. 

As per claims 5, 21 , Wohlmacher teaches a method and a computer readable 
medium in a data processing system for validating digital certificates, the data 
processing system having a certificate authority and an associated database, the 
method comprising: 

• "receiving, by a database, a Lightweight Directory Access Protocol query based 
on an online certificate status protocol request indicating a requested digital 
certificate" at 114, Col. 1, 2""* and 3'^ paragraphs; 

• "searching the database for a database record reflecting an identity of the 
requested digital certificate" at 114, Col. 1, 2"^ paragraph; 

• "and returning an indication of the database record when the database record 
reflecting the requested digital certificate is found to indicate validity of the 
requested digital certificate" at 1 14, Col. 1, 2"^ paragraph; 
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• "whereby the indication of the database record is returned without transmission 
of a certificate revocation list by the certificate authority" 1 14, Col. 1 , 2"^ and 3'^ 
paragraphs. 

As per claims 6, 22, Wohlmacher teaches the method and the computer 
readable medium of claims 5, 21 , further comprising the step of: 

• "sending an indication of a new digital certificate from the certificate authority to 
the database upon issuance of the new digital certificate" at page 113, Col. 1 , 2"^ 
paragraph; 

• "receiving, by the database from the certificate authority, an indication of the new 
digital certificate upon issuance of the new digital certificate" at page 113, Col. 1, 
2"^ paragraph; 

• "and storing a database record reflecting an identity of the new digital certificate" 
at page 113, Col. 1, 2""^ paragraph. 

As per claims 7, 23, Wohlmacher teaches a method and the computer readable 
medium for validating digital certificates without certification revocation lists, comprising: 

• "receiving an online certificate status protocol request associated with a digital 
certificate" at 1 14, Col. 1 , 2"^ paragraph; 

• "creating a database query based on the received request; sending the database 
query to determine whether the digital certificate is valid" at 1 14, Col. 1 , 2"^ 
paragraph; 
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• "and receiving a database query result indicating whether the digital certificate is 
valid" at 1 14, Col. 1,2"^ paragraph. 

As per claims 8, 24, Wohlmacher teaches the method and the computer 
readable medium of claims 7, 23, wherein "the database query is a Lightweight 
Directory Access Protocol database query" at 114, Col. 1, 3"^ paragraph. 

As per claims 9, 25, Wohlmacher teaches a method and a computer readable 
medium for validating digital certificates without certification revocation lists, the data 
processing system having a certificate authority and an associated database, the 
method comprising: 

• "receiving, by the database, a query based on an online certificate status 
protocol request indicating a requested digital certificate" at 114, Col. 1, 
2"^ paragraph; 

• "searching the database for a database record reflecting an identity of the 
requested digital certificate; and returning an indication of the database 
record when the database record reflecting the requested digital certificate 
is found to indicate validity of the requested digital certificate" at 114, Col. 

1 , 2""^ paragraph. 

As per claims 10, 26, Wohlmacher teaches the method and the computer 
readable medium of claims 9, 25, further comprising the step of: 
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• "sending an indication of the new digital certificate from the certificate 
authority to the database upon issuance of the new digital certificate; 
receiving, by the database from the certificate authority, an indication of a 
new digital certificate upon issuance of the new digital certificate; and 
storing a database record reflecting an identity of the new digital 
certificate" at page 113, Col. 1, 2"^ paragraph. 

As per claims 11, 27, Wohlmacher teaches the method and the computer 
readable medium of claims 9, 25, wherein "the received query is a Lightweight Directory 
Access Protocol query" at 1 14, Col. 1, 3^^ paragraph. 

As per claims 12, 28, Wohlmacher teaches a method and a computer readable 
medium in a data processing system for validating digital certificates without certification 
revocation lists, the data processing system having a client, a server, an OCSP 
responder, a database, and a certificate authority (page 111, Col. 1), the method 
comprising: 

• "sending a request from the client for a transaction, the request including a 
digital certificate identifying the client; receiving the client request by the 
server" at page 1 14, Col. 1, 2"^ paragraph; 

• "creating, by the server, an online certificate status protocol request based 
on the associated digital certificate identifying the client; sending the 
online certificate status protocol request by the server" at page 114, Col. 
1, 2"^ paragraph; 



\ 
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• "receiving, by the OCSP responder, the online certificate status protocol 
request associated with the digital certificate; creating a Lightweight 
Directory Access Protocol database query based on the received online 
certificate status protocol request" at page 1 14, Col. 1. 2"^ and 3^^ 
paragraphs; 

• "sending the Lightweight Directory Access Protocol database query to the 
database to determine whether the digital certificate is valid, the database 
storing records of valid certificates of the certificate authority; searching 
the database for a database record identifying the digital certificate 
associated with the online certificate status protocol request; returning a 
LDAP database query result indicating whether the digital certificate is 
valid; and receiving the returned LDAP database query result" at page 

1 14, Col. 1 , 2"^ and 3'^ paragraphs. 

As per claim 13, Wohlmacher teaches a data processing system for answering 
online certificate status requests without certificate revocation lists, comprising: 

• a memory having program instructions; a processor configured to execute the 
program instructions to receive an online certificate status protocol request 
associated with a digital certificate" at page 114, Col. 1, 2"^ paragraph, 

• "create a database query based on the received request, send the Lightweight 
Directory Access Protocol database query to determine whether the digital 
certificate is valid, and receive a Lightweight Directory Access Protocol database 
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query result indicating whether the digital certificate is valid" at page 1 14, Col. 1, 
2"^ and 3'"^ paragraphs. 

As per claim 14, Wohlmacher teaches a data processing system for answering 
online certificate status requests without certificate revocation lists, comprising: 

• "a first computer having: a memory having program instructions; a processor 
configured to execute the program instructions to receive an online certificate 
status protocol request associated with a digital certificate" at page 114, Col. 1 , 
2""^ paragraph; 

• "create a database query based on the received request, send the database 
query to determine whether the digital certificate is valid, and receive a database 
query result indicating whether the digital certificate is valid" at page 114, Col. 1 , 
2"^ paragraph; 

• "and a second computer representing a directory server having: a database 
storing database records indicating digital certificates; a memory having program 
instructions; a processor configured to execute the program instructions to 
receive, from a certificate authority, an indication of a new digital certificate upon 
issuance of the new digital certificate, store a database record reflecting an 
identity of the new digital certificate, receive the database query based on the 
online certificate status protocol request from the first computer, search the 
database for a database record reflecting an identity of the requested digital 
certificate; and return an indication of the database record to the first computer 
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when the database record reflecting the requested digital certificate is found to 
indicate validity of the requested digital certificate" at page 113, Col. 1 , 2"^ 
paragraph. 

As per claim 15, Wohlmacher teaches the data processing system of claim 14, 
wherein "the database query is an LDAP query" at page 1 14, Col, 1 , 3^*^ paragraph. 

As per claim 16, Wohlmacher teaches a data processing system for answering 
online certificate status requests without certificate revocation lists, comprising: 

• "a client computer configured to send a request for a transaction, the request 
including a digital certificate identifying the client" at page 114, Col. 1, 2"^ 
paragraph; 

• "a server computer configured to receive the client request, create an online 
certificate status protocol request based on the associated digital certificate 
identifying the client" at page 114, Col. 1, 2"^ paragraph; 

• "and send the online certificate status protocol request; an OCSP responder 
configured to receive the online certificate status protocol request associated with 
the digital certificate" at page 1 14. Col. 1 , 2^^ paragraph. 

• "create a Lightweight Directory Access Protocol database query based on the 
received online certificate status protocol request, and send the Lightweight 
Directory Access Protocol database query to a database to determine whether 




Application/Control Number: 09/867,648 
Art Unit: 2177 



Page 1 1 



the digital certificate is valid, the database storing records of valid certificates of 
the certificate authority" at page 1 14, Col. 1 , 2"^ and 3'^^ paragraphs; 

• "and a database configured to search for a database record identifying the digital 
certificate associated with the online certificate status protocol request, return an 
LDAP database query result indicating whether the digital certificate is valid" at at 
page 114, Col. 1 , 2""^ and 3'^ paragraphs. 



4. The prior art made of record, listed on form PTO-892, and not relied upon, if any, 
is considered pertinent to applicant's disclosure. 

If a reference indicated as being mailed on PTO-FORM 892 has not been 
enclosed in this action, please contact Lisa Craney whose telephone number is (703) 
305-9601 for faster service. 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Khanh B. Pham whose telephone number is (703) 308- 
7299. The examiner can normally be reached on Monday through Friday 7:30am to 
4:00pm. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, John E Breene can be reached on (703) 305-9790. The fax phone number 
for the organization where this application or proceeding is assigned is (703) 872-9306. 



Conclusion 
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Any inquiry of a general nature or relating to the status of this application or 
proceeding should be directed to the receptionist whose telephone number is (703)746- 
7240. 



Khanh B. Pham 
Examiner 
Art Unit 2177 

KBP 

October 3, 2003 
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